In parent application Ser. No. 13/615,340, I described a solution to the problem generated by the explosion of information, devices and apps: it is ever harder to find information in context. Digital information surely cannot be found if it was lost or not captured by the computer in first place. First, while humans think of relationships among pieces of information, these may be hard or impossible to get captured by the computer with current apps: important input from humans is lost. Second, digital information gets replicated and scattered around devices, apps, accounts, and people, resulting in the loss of important relationships among who-what-when.
In this application I further describe how to improve the computer to capture and find information, in light of two key factors of the global information network with numerous computer devices services, and apps: security and usability. These are conflicting objectives: maximize the security, while minimizing the work that needs to be done by the user to obtain a benefit from the system. Services and apps require separate identification and authorization, so that users waste time to create and access accounts of the various services.
Account creation and identification: a user is requested to perform many unnecessary actions as a condition to use a service, and worse than that, to even find out what it does. For instance:                User name: choosing a user name for a service forces the user to do multiple trials and errors to find an available name. Some services allow using existing IDs (e.g. an email address) in order to create an account, which may resolve the burden of finding an available user name, but it may affect the user privacy, in case she did not want to reveal her identity or unnecessary information about herself yet.        Password: the rules for composing passwords may vary from service to service leading users to frustration, and weak or forgotten passwords.        User information: additional user information (e.g. name, sex, etc.) may be required before account creation; since it may not be validated, users may enter bogus data.        Recovery: selecting among a set of predetermined questions and answers for account security or recovery is frustrating and ineffective as setting up a password.The impact to users is as follows:        new users, have to waste a lot of time to set up and give up too much privacy, even if they may just want to see if a service is what they want or not;        existing users are aggravated by remembering and changing passwords, and setting up security and recovery information, that may not be proportional to value to the service they receive or to the value of information they produce in the service.        
The impact to service providers is as follows:                new users or potential new customers may be turned off,        existing legitimate users are aggravated, and may fail to access the service,        bogus information and accounts may be collected,        abusers are not discouraged and have more opportunity for holes.In summary, security is costly and burdensome: if unusable, users bypass, complain or leave.        
Permissions to digital information. The status quo is based on sharing. Also, users have multiple services and communication channels that they use for access control. As a result, users produce an enormous amount of information that gets disaggregated and may not be associated with the intended permissions: some information may be accessed by unintended users, while other information is not findable by users that were not intended to be blocked. A user can share to selected people, or groups, or publicly, and results in situations where either privacy, or search, or both fail. For instance:                I send content to one person: it is only searchable by this person, though I really have no intention to prevent others from finding it . . . but they can't.        I want to share confidential content only with selected people, but have no way to know whether it gets in the hands of others . . . and it may.        I want to search available content by a person, so I ask to send it to me . . . burdensome.In summary, the following problems are at the core of the invention:        security rules may not be proportional to the value being protected;        the user's investment in time to meet security guidelines may not be proportional to the value received by the service, or to the assets that are being protected;        users are offered an experience that may not allow to express their intentions; With “frictionless security” I indicate a series of methods to achieve the following objectives:        Immediate user benefit: the computer should provide immediately the service benefits (especially to a new user) to show its value: this will in turn induce the user to engage and use the system more and more. Otherwise, the user may get frustrated, and interrupt trying to use the system at the first hurdle, and not come back again.        Optimize security and usability: make the effort of the user minimal, and anyway proportional to the value of the service they receive, or to the value of information they produce in the service, while maximizing the security likelihood of the service and information.        Privacy/anonymity: allow people to maintain as much privacy or anonymity as possible and identify themselves to the computer service as much as necessary for what they need from the service. Again, if too much is asked of them, they may not engage. So the computer needs to postpone asking the user what is not immediately necessary.        Capture the user intentions: support and capture the intentions of the user and the trade-offs between security and time to invest. This includes what they want to permit or not about the information that they capture, or that is collected about them.        Limit abuse: limit resources at stake, and attribute responsibility if the limits are broken, but without aggravating legitimate users.        